System and method using information based indicia for securing and authenticating transactions

ABSTRACT

Method, system, and apparatus for authenticating transactions and records. A nonce stamp is a physical article that is relatively difficult to copy illicitly, and that bears a “nonce” number. The “nonce” is a relatively unique identifier, in that it is chosen from a distribution such that any given user/customer is extremely unlikely to obtain two nonce stamps bearing the same nonce. The method includes: presenting a nonce stamp having a nonce number; presenting a numbered digital certificate derived securely from the nonce number; and authenticating the transaction by comparing the number on the digital certificate and the nonce number. The digital certificate is typically obtained by users/customers in exchange for the purchase price of a desired transaction. The apparatus is an information-based indicium including a nonce stamp, and a digital certificate including a number derived securely from the nonce. The system generates information-based transaction indicia, and typically includes one or more computers configured to receive as input a nonce number from a user; encrypt the nonce number; and provide to the user a digital certificate including the encrypted nonce number, so that the nonce and the digital certificate may be collectively presented as an information-based transaction indicium to authenticate a transaction.

TECHNICAL FIELD OF THE INVENTION

[0001] System, method, and apparatus for authenticating or validating atransaction or record using information-based indicia of payment orauthorization.

BACKGROUND OF THE INVENTION

[0002] The United States Post Office (USPO) has been consideringelectronic postage stamps for several years. According to the USPO(http://56.0.78.92/html/ibimain.html), electronic postage should beprinted on an envelope in the upper right hand corner (or on a label foran envelope or package), convey evidence that postage has been paid,contain mail processing data requirements, and contain security-relateddata elements. As shown in FIG. 1, the USPO desires that an electronicpostage stamp be made up of human readable information as well as a twodimensional barcode with the following information:

[0003] Licensing ZIP Code

[0004] Date of Mailing

[0005] Destination Delivery Point

[0006] Postage

[0007] Software ID

[0008] Digital Signature

[0009] Ascending Register

[0010] Rate Category

[0011] Descending Register

[0012] Reserve Field

[0013] Algorithm ID

[0014] Indicia Version Number

[0015] Device ID

[0016] Certificate Serial Number

[0017] There are presently several competing commercial schemes forelectronic postage. Typically these schemes are based on digitalcertificates. One such scheme provides a way for the postal vendor toaccess a secure nonvolatile memory on a user's computer with a postageprinting program. The goal here is to control the printer so that itnever prints a given certificate twice, i.e., never prints the samecertificate onto more than one copy of a label or envelope. Yet anotherscheme uses a unique mail piece identifier generated by a trusted thirdparty for encrypting the postage information. The encrypted informationis then printed on the mail piece. The problem with such methods is thatbecause certificate information can be easily photocopied, the goal ofsecurity is not achieved. Unless the certificates are checked for re-usewith an expensive database lookup system, there is no reliable way toprevent the certificate information from being copied and reusedillicitly. Thus, none of the competing schemes provide a way to fullyauthenticate the electronic transactions generating the electronicstamps. Without adequate protection against copying, tremendous amountsof revenue are at risk.

[0018] Another problem with current schemes is that they typically donot provide an easy mechanism for revocation and replacement ofelectronic stamps in the case that an envelope tears or the printerjams. Inadvertent failure to mail a stamped article on the date encodedin the e-stamp certificate results in a similar problem—how can the useravoid forfeiting the money spent to purchase the postage? Some currentschemes provide limited functionality for redating or otherwisecorrecting e-postage, but current techniques are typically clumsy andinefficient, which is particularly costly when one considers thatpostage stamps are used in extremely heavy volume.

[0019] The same needs and problems apply more generally toinformation-based indicia (“IBI”) for transactions besides postage, suchas facility admission tickets (for events, movies, travel, etc.),coupons, vouchers, certificates, visas, receipts, and checks.

SUMMARY OF THE INVENTION

[0020] The present invention provides a method, apparatus, and systemfor securing and authenticating information based indicia thatsubstantially eliminates or reduces certain disadvantages from previousIBI systems and methods.

[0021] One aspect of the invention described herein includes presentinga nonce stamp bearing a nonce; presenting a numbered digital certificatederived securely from the nonce, such as by encryption; andauthenticating the transaction by comparing the number on the digitalcertificate and the nonce.

[0022] Typically the nonce may be represented on the nonce stamp in aform such as a bar code that can be read by humans and/or by standardimage scanners. The digital certificate may be marked on a physicalmedium, and represented in the form of a two dimensional bar code.

[0023] Verifying the authenticity of a presented nonce stamp/certificatepair (and/or the authenticity of the transaction for which they arepresented as indicia) is accomplished by comparing the number on thedigital certificate and the nonce. Where the certificate is derived byencrypting the nonce using a private key for which an associated publickey is made widely available, verification may be performed bydecrypting the number on the presented digital certificate and matchingthe result against the presented nonce. Alternatively, if there is nopublic key then the verifying authority will be given access to theprivate key, and can perform verification by encrypting the presentednonce and comparing the result with the number on the presented digitalcertificate.

[0024] In typical applications, an end user customer obtains a digitalcertificate to accompany a nonce stamp by specifying a desiredtransaction, paying the purchase price for that transaction, andinputting the nonce number from a nonce stamp of the user. In someembodiments, users may obtain digital certificates remotely such as viaan electronic communications network. In such embodiments digitalcertificate information (including the encrypted number for the digitalcertificate) may be electronically transmitted to the user via network,and a tangible copy of the certificate is printed locally for the user.

[0025] In a preferred embodiment, the numbered digital certificatefurther includes a description of at least one element of the desiredtransaction, for example, purchase price, purchased product/service,and/or transaction authority.

[0026] In typical applications, the nonce stamp and the numbered digitalcertificate are physically linked or coupled together, such as byprinting the numbered digital certificate onto the nonce stamp, or byaffixing the stamp and certificate to each other or to an article of thetransaction such as a mailing envelope.

[0027] In one application, the transaction includes depositing anarticle of mailing, and the nonce stamp and the numbered digitalcertificate are presented as postage. In another application, thetransaction includes admission to a facility, and the nonce stamp andthe numbered digital certificate are presented as an admission ticket.In yet other applications, the nonce stamp and digital certificatefunction as traveler's checks or as personal checks.

[0028] Apparatus of the invention includes an information-based indiciumfor authenticating a desired transaction. This indicium includes a noncestamp having a nonce; and a digital certificate including a numberderived securely from the nonce, such that the digital certificate andthe nonce stamp may be presented together to authenticate the desiredtransaction. In another aspect of the invention, the information-basedindicium may comprise a forgery-resistant physical article bearing anidentification number; and a digital certificate including a numberderived securely from the identification number, such that the digitalcertificate and the forgery-resistant article may be presented togetherto authenticate the desired transaction.

[0029] Further aspects of the invention include a system for generatinginformation-based transaction indicia for a user's desired transaction.The system includes one or more computers configured to receive as inputa nonce number from the user's nonce stamp; to encrypt the nonce number;and to provide to the user a digital certificate including the encryptednonce number, such that the nonce stamp and the digital certificate maycollectively be presented as an information-based indicium toauthenticate the desired transaction. In typical applications, the oneor more computers are further configured to specify a user's desiredtransaction and to charge the user a transaction price for the desiredtransaction, in exchange for providing the digital certificate. In someapplications the computers may not be configured to charge the userprior to providing the digital certificate, and instead the user may becharged (such as through a banking system) after the certificate/noncestamp pair is negotiated.

BRIEF DESCRIPTION OF THE DRAWINGS

[0030] For a more complete understanding of the present invention andthe advantages thereof, reference is now made to the followingdescription taken in conjunction with the accompanying drawings in whichlike reference numerals indicate like features and wherein:

[0031]FIG. 1 is an illustration of a prior art IBI as described by theUnited States Post Office.

[0032]FIG. 2 is a flow chart illustrating one embodiment of the methodof the invention.

[0033]FIG. 3a is an illustration of a system used in the practice of theinvention.

[0034]FIG. 3b is an illustration of a further system used in thepractice of the invention.

DETAILED DESCRIPTION OF THE INVENTION

[0035] Preferred embodiments of the present invention are illustrated inthe figures, like numerals being used to refer to like and correspondingparts of the various drawings.

[0036] For convenience we define the term “nonce stamp.” The term “noncestamp” is used herein to denote a physical article that is relativelydifficult to copy illicitly (or equivalently, for which forgeries areeasily detected and are preferably traceable)—such as a typical postagestamp, for example—and that also bears a “nonce.” In computer science,the term “nonce” generally means a “fresh number,” a number that isunique or virtually unique within some context of interest. In thecontext of the present invention, “nonce” denotes a number (or otherdatum) chosen from a good enough distribution to ensure relative“uniqueness,” i.e., a low likelihood that a single user/customer canaccumulate multiple nonce stamps bearing the same nonce number. Itshould be noted, as will be apparent to practitioners in light of theteachings herein, that postage is just one beneficial application forthe present invention and is by no means the only one. The term “noncestamp” is not intended to narrowly denote postage stamps only, butshould rather be construed broadly to denote any physical article thatis relatively difficult to copy illicitly and that incorporates a nonce.

[0037] By way of introduction, the present invention provides a noncestamp based system, method, and apparatus for creating and checkinginformation-based indicia suitable for trusted authentication oftransactions. Such indicia may include, for example, postage, admissiontickets, coupons, vouchers, certificates, visas, receipts, and checks.In a preferred aspect of the invention, physical nonce stamps arecreated and distributed freely at little or no cost to users/customers.Users can then use convenient means to order, purchase and print digitalcertificates for postage or for other desired transactions as needed, aswill be described below. Because each nonce stamp has no economic valuewithout an accompanying authentic digital certificate, the nonce stampscan be widely distributed in large numbers in advance at nominal cost.An encryption process for generating authentic digital certificatesbased on the nonce effectively prevents illicit creation of digitalcertificates that can satisfy the authentication check, as discussed inmore detail below. And physical duplication of an authentic digitalcertificate poses no economic threat, because each certificate can onlybe used to authenticate a transaction (and thus only has economic value)if accompanied by the single, duplication-resistant nonce stamp fromwhich the authentic certificate was derived.

[0038] One embodiment of a method in accordance with the presentinvention is illustrated in FIG. 2. A user first obtains a nonce stamp200, typically for no charge or for nominal charge. In order to conductan authenticated transaction, a user/customer submits a request for atransaction certificate by specifying the desired transaction 210 (e.g.,an order for a quantity of U.S. postage) and by typically making paymentof the price for the desired transaction, and also presents and/orinputs (220) the nonce stamp number. Note that in practice and as amatter of convenience, users may be required to pre-purchaseminimum-size blocks of credits for their account (e.g., for postage),and in that case payment 210 typically entails an electronic deductionbeing made from the user's pre-paid account. In any event, and inresponse to inputs 210-220, the nonce is encrypted (230). Standardencryption techniques as known to practitioners are sufficient; anunderlying principle being that the encryption key preferably should notbe readily recoverable from knowledge of particular nonce/encryptednonce pairs, since otherwise it becomes trivial to illicitly create anauthentic-seeming digital certificate for any given nonce. The result ofencryption 230 is included in digital certificate information that isgenerated 240 and delivered to the user 250.

[0039] Next, at step 260, the user/customer presents the nonce stamp anddigital certificate pair to a vendor or other transaction authority toauthenticate the desired transaction, such as by affixing the noncestamp and digital certificate as postage on an article of mailing anddepositing the article into the mail system. At decision point 270, theauthenticity of the desired transaction is verified by comparing thenumber contained on the digital certificate and the nonce on the noncestamp. In embodiments of the present invention, this comparison test canbe done in relatively straightforward algorithmic fashion. For example,in some applications the authenticating authority's testing computerwill have private access to the same secure encryption key that is usedto generate digital certificates from nonces. Thus, when presented witha given certificate/nonce pair for authentication at step 270, thetransaction authority's testing computer can preferably apply encryptionto the presented nonce, and simply check the result for identity withthe number contained in the presented certificate. In otherapplications, a public key is available allowing authenticatingauthorities to decrypt the certificate and match the resulting numberagainst the presented nonce number at step 270; in accordance with theprinciples of public key cryptography, well-known to practitioners inthe art, the public key works only in one direction, and thus permitsdecryption of a given certificate but does not enable (potentiallyillicit) generation of new, encrypted certificates for other noncenumbers. In either case, there is no need, e.g., for an expensivedatabase tracking all digital certificates. If the result of that test270 is a match, then the transaction authority can approve thetransaction 280 (e.g., USPO can accept and deliver the article ofmailing), whereas if there is no match, then the authority can rejectthe transaction 290 (e.g., USPO returns the article for lack ofauthentic postage). Note that in embodiments where public keycryptography is used, anyone with access to the public key can verifythe authenticity of a presented nonce/certificate pair (although theycannot illicitly generate such pairs). Thus, for example, a customer canverify the authenticity of a purchased certificate prior to mailinghis/her letter etc., and can contact the certificate vendor if errorsare detected.

[0040]FIG. 3a illustrates one embodiment of a system for practicingmethods of the present invention. With respect to the method illustratedin FIG. 2 and the system illustrated in FIG. 3a, after obtaining 200nonce stamp 320, the user can submit his or her transaction certificaterequest along with payment information (e.g. credit card number) andwith nonce input by using data terminal 300, such as a standard PC,portable computer, PDA, or even a telephone (steps 210-220). Thisinformation is electronically transmitted over network links to vendorcomputer 310. In a preferred embodiment, data terminal 300 executesstandard internet/web browser software (not shown) and uses standarde-commerce infrastructure to support the interaction between user dataterminal 300 and vendor computer 310.

[0041] In response, the nonce is encrypted 230 by vendor computer 310.The result of encryption 230 is embodied in digital certificateinformation that is generated and delivered to the user (240-250) inorder to provide the user with digital certificate 340. As one example,digital certificate 340 might be produced by first generating anelectronic image file by vendor computer 310 based on the result ofencryption 230; that image file would then be e-mailed to user dataterminal 300, and standard computer printer 330 would then be used toprint a hard copy of the digital certificate 340. In another example,vendor computer 310 might simply send the digital certificate number touser terminal 300, and in turn software executing locally at userterminal 300 would generate digital certificate 340 and cause it to beprinted on printer 330. In an embodiment where data terminal 300comprises a standard touch-tone telephone for purposes of input 220-230,various approaches are possible: by way of example, in some variationsdigital certificate image information might be sent to a user's faxmachine (not shown), and in other variations the encrypted number can becommunicated to the user via telephone and digital certificate 340 canbe manually inscribed by the user on nonce stamp 320 or on thetransaction object of interest (e.g., an article of mailing).

[0042] Next, at step 260, the user/customer presents nonce stamp 320 anddigital certificate 340 to transaction authority 350 to authenticate thedesired transaction. At decision point 270, transaction authority 350verifies the authenticity of the desired transaction by submitting thenumber contained on digital certificate 340 and the nonce on nonce stamp320 to transaction authority computer 360 for a comparison test. Intypical applications the transaction authority's computer 360 either hasprivate access to the same secure encryption key that is used by vendorcomputer 310 to generate digital certificates from nonces, or else hasaccess to a public decryption key as discussed above. Thus, whenpresented with a given certificate/nonce pair for authentication at step270, computer 360 can preferably apply encryption to the presentednonce, and simply check the result for identity with the numbercontained in the presented certificate—or, in the public key variation,can decrypt the certificate and check the result for identity againstthe presented nonce—as described above. Note that transaction authoritycomputer 360 need not necessarily be the same physical machine as vendorcomputer 310 (although it can be); nor must computers 310 and 360necessarily be kept linked by network or otherwise. Also note that atdecision point 270 transaction authority 350 preferably also physicallyexamines the presented nonce stamp to screen out amateur forgeries andthe like.

[0043] An additional embodiment for practicing the method of FIG. 2 isillustrated in FIG. 3b. In this variation, user 300 need not beconnected electronically with vendor 310 when operations 210-250 arecarried out. Instead, users/customers first obtain tamper-resistantsecure module 305 from vendor 310, along with accompanying controlsoftware to be installed on user computer 300. Users can connectelectronically to vendor 310 and purchase convenient blocks of credits(postage credits, for example) at any time, in response to which vendorcomputer 310 electronically deposits credits to secure module 305.Having performed this initial set-up, users can then initiate operations210250 on user computer 300 by interacting locally with secure module305, without necessarily being connected to vendor 310. Secure module305 automatically debits its electronic account for the user by theprice of the requested purchase 210, and performs secure encryption 230.Secure module 305 is preferably tamper-resistant hardware and/orsoftware, in the sense of being protected such that users cannot “hack”or modify its operation without disabling it completely; e.g., userscannot illicitly adjust the electronic account balance or suppressdeduction of the purchase price when certificates are generated.Embodiments of tamper-resistant modules for electronically purchasingblocks of postage credit are already commercially available (e.g.,“Electronic Vault” provided by E-Stamp of Mountain View, Calif.,www.estamp.com)—except that such current systems do not create noncestamp-linked digital certificates and do not practice the presentinvention. Thus, embodiments of secure module 305 can be constructed bypractitioners in light of the novel teachings disclosed herein.

[0044] The nonce is preferably selected randomly from a good enoughdistribution to ensure relative “uniqueness,” i.e., a low likelihoodthat a single user/customer can accumulate multiple nonce stamps withthe same number (since doing so would enable the user to purchase asingle authentic digital certificate from one such nonce, and thenillicitly make and use copies of that certificate with each of theidentical nonce stamps). In a preferred embodiment, the nonce isstructured and preferably includes a random number component as well assource information, a digital signature, and whatever other informationmay be deemed useful for a given application. In the context of postage,for example, this allows checking the validity of the source of thestamp: e.g., the source jurisdiction (country, postal zone or branch,etc.) can be encoded and checked. In some applications, the noncecontained on the nonce stamp is printed in the form of a bar code, whilethe encrypted number printed on the digital certificate is a twodimensional bar code. In a preferred embodiment, the nonce isrepresented in a form (such as a bar code, for example) that can be readby humans and/or by standard image scanners, so that the user does notnecessarily need special-purpose hardware in order to input nonceinformation when obtaining a digital certificate. In variousembodiments, the nonce stamp and derived digital certificate arephysically affixed to a transactional object for which authentication isdesired by the user/customer (e.g., affixing nonce postage to an articleof mailing); in other embodiments either or both of thecertificate/nonce stamp pair may remain unattached; in some embodimentsthe certificate may be printed, marked, or affixed onto the nonce stamp;and in various embodiments there may not be a transactional objectseparate from the nonce stamp itself (e.g., nonce admission tickets formovies or special events, or pre-printed nonce envelopes for mailing).

[0045] In further embodiments and variations, multiple digitalcertificates may be required in combination with a single nonce stamp,akin to requiring multiple signatures for approval of a transaction. Afurther variation would require multiple, distinct noncestamp/certificate pairs as authentication indicia for a singletransaction, in order to further protect against the (unlikely) prospectof a user ever obtaining duplicate nonces. In yet another embodiment,the digital certificate may be presented to the transaction authority(step 260, FIG. 2) by electronic transmission and not necessarily inprinted or other tangible form.

[0046] A preferred, illustrative application for nonce stamps iselectronic postage. In an embodiment of this application, the postalservice or an authorized agent issues and distributes nonce stamps atnominal or zero cost. When a customer wishes to purchase an amount ofpostage, the nonce number, the desired postage amount, and various otherbits of information (such as data required by the USPO as shown inFIG. 1) are combined to generate a digital certificate. Generation andpurchase of the digital certificate can be conducted conveniently by thecustomer in an online electronic transaction leveraging conventionale-commerce infrastructure, as described previously in connection withFIGS. 3a and 3 b. The postal item can then be mailed by or for thecustomer by affixing the digital certificate and the original noncestamp. The authenticity of the postage can be established by checkingthe nonce in the affixed nonce stamp against the number incorporated inthe digital certificate, as described earlier, and in addition thecertificate can be examined for authenticity of other indicia such asthe signature etc.

[0047] Another illustrative application involves online/remote purchaseof admission tickets, in a context where manually examining eachcustomer's ID at the door is impractical or is at least too timeconsuming to be optimal (such as for movie theater admissions).Zero-value nonce tickets can be distributed in large quantity at zero ornominal cost by movie theaters, concert venues, etc. Users/customers whopurchase tickets online can input the nonce from a nonce ticket theyhave around, and obtain a digital certificate as illustrated in FIG. 2.In some applications, the certificate would also explicitly specify theparticular movie or event for which admission was purchased. In oneembodiment, users would obtain (again, at relatively nominal cost) blankstickers designed to be fed to standard computer printers, upon whichthe purchased digital certificate information would be printed. Userswould affix such a printed sticker to a nonce ticket, and scanner/readermachines at the admission doors to participating theaters and venueswould immediately confirm or reject the validity of such tickets. Here,again, the threat of users making multiple copies of purchasedcertificates is defeated by requiring that each certificate be presentedand surrendered along with the copy-resistant nonce ticket used toderive that certificate.

[0048] Another illustrative application facilitates the convenient,online/remote purchase of traveler's checks. Here again, zero-valuenonce checks can be made readily available to prospective customers inrelatively large quantity at zero or nominal cost. Users/customers canconveniently purchase valuable checks online by inputting the nonce froma nonce check they have around, and obtaining a digital certificate asillustrated in FIG. 2. In one embodiment, users would print the receiveddigital certificate information onto stickers as in the previousexample; in another embodiment, users could manually write the digitalcertificate information on the check. On presenting the check to amerchant the merchant could verify the authenticity of the instrument byscanning or keying the nonce number and the certificate number, andusing a public decryption key made available by the issuing bank toperform the authentication check as discussed previously in connectionwith decision point 270 (FIG. 2).

[0049] In this application, merchants preferably would continue torequire customer signatures and ID verification as with traditionaltraveler's checks; the invention basically allows easy authentication ofa presented check (i.e., is this check backed by a promise to pay by theissuing bank, or is it a forgery), whereas a user ID check is stillrequired to deter theft of checks and allow issuing banks to offerreplacement/refind of lost or stolen checks. In a preferred embodiment,nonce checks would visually indicate a denomination amount ($20, $50,$100, etc.) such that users cannot easily forge the denomination, andthe nonce number would also include a component reflecting that amountso that users cannot illicitly purchase, say, a $20 digital certificatefor use with a $100 denomination nonce check. In the latter case, vendorcomputer 310 would catch and refuse the $20 order because it wouldcompare the denomination component of the input nonce number with therequested certificate denomination; and of course if a user inputs afalse nonce number in which the denomination component has been changed(say from 100 to 020), then the resulting $20 digital certificate willnot test as authentic when paired with the $100 denomination nonce checkthat the user actually holds.

[0050] Applications are also possible in which the user does not pay atransaction price in advance, in exchange for the certificate; instead,an authentic nonce stamp/certificate pair would work like a personalcheck, but with enhanced protection against forgery. A merchant whoaccepts an authentic nonce check/certificate pair would negotiate thepair through the banking system.

[0051] Nonce postage, nonce tickets, and other nonce stamp applicationsoffer several potential advantages over existing forms of informationbased indicia. For example, their authenticity can be easily checkedwithout requiring expensive database maintenance and lookup, aspreviously discussed. In addition, because digital certificates can bereproduced with relative ease, existing electronic stamps (for example)typically encode extra information within each certificate, such asaddressee information and the date of mailing, in order to prevent thesame e-stamp from being reused on a different day or with a differentaddressee; but consequently, any change in the date of mailing mayentail forfeiting value. In contrast, in accordance with the presentinvention, a vendor of nonce digital certificates can, if requested by auser and if legitimate exchanges are allowed, transmit an extra copy ofa previously purchased digital certificate but with a new date (or candisseminate to users electronic certificates and software making thedate field very easily modifiable), secure in the knowledge that theuser/customer can ultimately only use one copy of a certificate with agiven encrypted number to authenticate a transaction, because of therequired binding to an irreproducible nonce stamp. (Alternatively, noncestamps in accordance with the present invention may obviate the need forrestrictive date constraints, since nonce stamps can provide reasonablystrong confirmation of authenticity based simply on the nonce number andthe certificate number.) For similar reasons, a digital certificate thatrequires any other modifications not affecting price (e.g., user wishesto change the addressee zip code field in a postage certificate), orthat is accidentally damaged or destroyed such as by a printer jam, canreadily be replaced in accordance with preferred embodiments of thepresent invention.

[0052] The invention presents a general scheme for establishing andchecking the authenticity and uniqueness of electronic certificates.While the above description includes many specifics and examples, theseshould not be construed as limitations on the scope of the invention,but rather as exemplification of a preferred embodiment thereof. Manyother variations arc possible. For example, the markings on the noncestamp do not have to be numeric. Any marking, image, or other fixedencoding of information on a forgery-resistant physical object that canbe conveniently and securely encrypted to yield a derived encoding thatcan be incorporated into a digital certificate, would serve just aswell. Likewise, the “number” on the digital certificate need not bemarked in explicitly numeric fashion. Practitioners will furtherrecognize that a wide variety of applications for information-basedindicia may be practiced in accordance with, and by taking advantage of,the methods and systems disclosed herein.

[0053] Although the present invention has been described in detail, itshould be understood that various changes, substitutions and alterationscan be made hereto without departing from the spirit and scope of theinvention as described by the appended claims.

1. A method for authenticating a transaction comprising the steps of:presenting a nonce stamp having a nonce; presenting a numbered digitalcertificate derived securely from the nonce; and authenticating thetransaction by comparing the number on the digital certificate and thenonce.
 2. The method of claim 1, wherein the nonce is represented on thenonce stamp within a bar code.
 3. The method of claim 1, wherein thedigital certificate is marked on a physical medium.
 4. The method ofclaim 1, wherein the number on the digital certificate is representedwithin a two dimensional bar code.
 5. The method of claim 1, wherein thenumbered digital certificate is derived by encrypting the nonce number.6. The method of claim 5, wherein comparing the number on the digitalcertificate and the nonce comprises encrypting the nonce, and matchingthe encrypted nonce against the number on the digital certificate. 7.The method of claim 5, wherein comparing the number on the digitalcertificate comprises decrypting the number on the digital certificateand matching the decrypted number with the nonce.
 8. The method of claim1, further comprising obtaining the digital certificate for a user bypaying a purchase price for the transaction.
 9. The method of claim 8,wherein obtaining the digital certificate is performed remotely via anelectronic communications network.
 10. The method of claim 9, whereinthe user is in physical possession of the nonce stamp, and whereinobtaining the digital certificate for the user further comprisesremotely transmitting the nonce.
 11. The method of claim 10, whereinobtaining the digital certificate further comprises deriving the numberon the digital certificate by encrypting the nonce remotely transmittedfor the user.
 12. The method of claim 11, wherein obtaining the digitalcertificate further comprises transmitting digital certificateinformation, including the number on the digital certificate, to theuser via the electronic communications network.
 13. The method of claim12, wherein obtaining the digital certificate further comprisesreceiving the digital certificate information and locally printing atangible copy of the numbered digital certificate.
 14. The method ofclaim 8, wherein obtaining the digital certificate is performed using atamper-resistant module at a system local to the user, thetamper-resistant storing user account information.
 15. The method ofclaim 14, wherein the user connects electronically to a remote vendor inorder to purchase credit for the user account stored by the tamperresistant module.
 16. The method of claim 15, wherein the vendorremotely updates, via electronic network, the account information in thetamper-resistant module.
 17. The method of claim 1, wherein the numbereddigital certificate further comprises a description of at least oneelement of the transaction selected from the group consisting ofpurchase price, purchased product/service, transaction authority. 18.The method of claim 1, wherein the nonce stamp and the numbered digitalcertificate are physically coupled together.
 19. The method of claim 18,wherein the numbered digital certificate is printed on the nonce stamp.20. The method of claim 1, wherein the nonce stamp and the numbereddigital certificate are physically coupled to an article of thetransaction.
 21. The method of claim 1 wherein the transaction comprisesdepositing an article of mailing, and the method further comprisespresenting the nonce stamp and the numbered digital certificate aspostage for the article of mailing.
 22. The method of claim 1 whereinthe transaction comprises admission to a facility, and the methodfurther comprises presenting the digital certificate and the nonce stampas a ticket for admission to the facility.
 23. An information-basedindicium for authenticating a desired transaction, comprising: a) anonce stamp comprising a nonce; and b) a digital certificate comprisinga number derived securely from the nonce; wherein the digitalcertificate and the nonce stamp may be presented together toauthenticate the transaction by comparing the number on the digitalcertificate and the nonce.
 24. The information-based indicium of claim23, wherein the nonce is represented on the nonce stamp within a barcode.
 25. The information-based indicium of claim 23, wherein thedigital certificate is marked on a physical medium.
 26. Theinformation-based indicium of claim 23, wherein the number on thedigital certificate is represented within a two dimensional bar code.27. The information-based indicium of claim 23, wherein the numbereddigital certificate is derived by encrypting the nonce.
 28. Theinformation-based indicium of claim 27, wherein comparing the number onthe digital certificate and the nonce comprises encrypting the nonce,and matching the encrypted nonce against the number on the digitalcertificate.
 29. The information-based indicium of claim 23, wherein thenumbered digital certificate further comprises a description of at leastone element of the transaction selected from the group consisting ofpurchase price, purchased product/service, and transaction authority.30. The information-based indicium of claim 23, wherein the nonce stampand the numbered digital certificate are physically coupled together.31. The information-based indicium of claim 23, wherein the numbereddigital certificate is printed on the nonce stamp.
 32. Theinformation-based indicium of claim 23, wherein the nonce stamp and thenumbered digital certificate are physically coupled to an article of thetransaction.
 33. The information-based indicium of claim 23 wherein thetransaction comprises depositing an article of mailing, and theinformation-based indicium comprises postage for the article of mailing.34. The information-based indicium of claim 23 wherein the transactioncomprises admission to a facility, and the information-based indiciumcomprises a ticket for admission to the facility.
 35. A system forgenerating information-based indicia for a user's desired transaction,comprising one or more computers configured to: a) receive as input anonce from a nonce stamp of the user; b) encrypt the nonce; and c)provide to the user a digital certificate comprising the encryptednonce, whereby the nonce stamp and the digital certificate may becollectively presented as an information-based indicium for the desiredtransaction.
 36. The system of claim 35, wherein the one or morecomputers are further configured to specify a user's desiredtransaction, and to charge the user a transaction price for the desiredtransaction.
 37. The system of claim 36, wherein the computers areconfigured to charge the user prior to providing the digital certificateto the user.
 38. The system of claim 36, wherein the computers areconfigured to receive the nonce, encrypt the nonce, specify the desiredtransaction, charge the user, and to provide the digital certificate, atleast partly through remote interaction between the user and a vendoracross one or more electronic communication networks.
 39. The system ofclaim 38, wherein the remote interaction is conducted between clientbrowsing software of the user and an Internet site of the vendor. 40.The system of claim 38, wherein the computers are configured to providethe digital certificate to the user by transmitting digital certificateinformation, including the number on the digital certificate, to theuser via the electronic communications network.
 41. The system of claim40, wherein the computers are further configured to provide the digitalcertificate to the user by receiving the digital certificate informationat the user's end and locally printing a tangible copy of the digitalcertificate.
 42. The system of claim 36, wherein the one or morecomputers include a tamper-resistant module local to the user, and areconfigured to encrypt the nonce using the tamper-resistant module. 43.The system of claim 42, wherein the tamper-resistant module stores useraccount information, and wherein the one or more computers areconfigured to charge the transaction price by using the tamper-resistantmodule to update the stored account information.
 44. The system of claim43, wherein the tamper resistant module is intermittently coupled, vianetwork, to a remote vendor who updates the stored account informationto reflect credit purchased by the user.
 45. The system of claim 35,wherein the transaction comprises mailing an article of mailing and theinformation-based indicium comprises postage.
 46. The system of claim35, wherein the transaction comprises gaining admission to a facilityand the information-based indicium comprises an admission ticket.
 47. Aninformation-based indicium comprising: a) a forgery-resistant physicalarticle bearing an identification number; b) a digital certificateincluding a number derived securely from the identification number;wherein the information based indicium may be authenticated by comparingthe number on the digital certificate and the identification number. 48.The information-based indicium of claim 47, wherein the identificationnumber is represented on the physical article in a human-readable form.49. The information-based indicium of claim 48, wherein theidentification number is represented on the physical article in a formreadable by standard image scanners.